CMF fails this test, apparently

Comodo Memory Firewall Beta Corner
#1

Hi all, I came across this thread at wilders, apparently CMF fails all 5 tests. :frowning:
Test is downloadable here.(scroll down)

#2

Yep this has already been discussed. CMF block api calls from BO so if POCs are only used to demonstrate Buffer Overflows there would be no way to block those.
Anyway any malicious code needs to call some API to accomplish something so real exploits will be catched by SMF.

It would be interesting to run Comodo BO tester 3rd test against BufferShield. It should fail.
Also CMF should protect your PC if some malware disable widows enforced hardware DEP.

I looked at that thread and found out Prevented Exploits | BufferShield CFM is not mentioned I guess that someone could ask them to include it in their tested products list ;D

#3

Iā€™m a bit confused hereā€¦ so does CMF actually prevent BOā€™s from occurring, or does it just limit what the BO can do?
From what you said, it looks like the latter?

#4

IIRC BO cannot be prevented. BO can be detected and the offending proces killed. Thatā€™s what CMF will do. If a BO is exploited then an API will be called.

#5

Hi,

How does CMF compare, in term of security, to Buffershield?
From the link in your test, how many ā€œgreen hookā€ could CMF have/had and against wich of this exploit does CMF doesnā€™t protect us?

Thanks,
Atomas31

#6

I cannot test those exploit myself :o as those are only link to advisories that give exploit specifics. I guess that is up to BS developers to add CFM and Microsoft HW DEP too.
From a thecnical standpoint. CMF catch some exploits that could be catched by MS HW dep and also some exploit that ms HW dep doesnā€™t catch.
DS developers tested only MS software dep (that is MS not hardware supported DEP used on old CPUs).

As it turns out MS enforced dep could be disabled in some cases so CMF will provide protection in such scenarios too.

#7

Well, I hope BS developper will add CMF to there testsā€¦

As for me, I have tried CMF but after two BSOD causes by the addition of CMF, I remove it from my system :cry:

I hope Comodo will solved the BSOD issue soonā€¦

I have windows XP with SP2, Nod32 2.70.39, Comodo Boclean and Prosecurity 1.41 and Rollback Rx 8.1 and when BSOD happens I had Utorrent downloading in background, Mailwasher pro 6.1 in the tray bar, and I was navigating with Firefox on comodo website (both times) and listening music with Winamp 5.50ā€¦

Best regards,
Atomas31

#8

Hi

Well. Buffershield didnĀ“t pass the Comodo BO Testerā€¦ (:TNG)

#9

Locked.

Reason: Out-Dated post.

Josh